V(x)Block – AMP VUM & SQL Active Directory Integration

When a VxBlock is shipped from the factory all Windows & SQL user/db accounts are setup as local accounts, due to obvious reasons (customer AD does not exist in factory!). This post details the steps to integrate a VUM VM & SQL with Active Directory and change the local WIN&SQL accounts to AD accounts, along with modifying the SQL DB permissions to an assigned AD account.

From the SQL Management Studio, expand the hierarchical Object Explorer on the left hand side, expanding Security -> Logins.

Right click on the VUM service account login for example domain\svc_vum and select Properties.

From the Default database drop-down list select the VUM database and click OK.

2. Assigning service account privileges for vSphere Update Manager:

Login to the vSphere Update Manager using Microsoft RDP Client.

In the Server Manager, click Tools, and from the menu select Computer Management.

In the side bar, navigate to Local Users and Groups, expand it and select Groups.
Open the Administrators group and add the vSphere Update Manager service account, for example domain\svc_vum, and click OK.

3. Assigning ‘Log On As A Service’ privileges for vSphere Update Manager:

Login to the vSphere Update Manager using Microsoft RDP Client.

In the Server Manager, click Tools, and from the menu select Local Security Policy.

In the side bar, navigate to Local Policies, expand it and select User Rights Assignment.

In the right-hand side pane, select and double-click on Log on as a Service.